c88f45996f6c7f4415973a85ea55b0cdfed44163ead6d550a552f46d3c948c96

Sharing

Copy URL

Twitter E-mail

General

Target

c88f45996f6c7f4415973a85ea55b0cdfed44163ead6d550a552f46d3c948c96
Size

497KB
MD5

6252d3a14b13a6654bd2b130fae17372
SHA1

e21b691dab70c178dd7be52c0187aa650dbb8d38
SHA256

c88f45996f6c7f4415973a85ea55b0cdfed44163ead6d550a552f46d3c948c96
SHA512

bae3686854b41fdaee2f21513ed142da75236977ede4e9ed248b42f7b491bb9dcc4e69a62049ba2da34d017b09139b78ff5319b89f1db55ed3e786e3abf9c7d7
SSDEEP

12288:2p/14KCCounRYadnrt6xYjl7y6qb4JXe/cDUen5GbciRaA:VCogRYYrt6xIxJg4JXeEDUen5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c88f45996f6c7f4415973a85ea55b0cdfed44163ead6d550a552f46d3c948c96

Files

c88f45996f6c7f4415973a85ea55b0cdfed44163ead6d550a552f46d3c948c96
.exe windows:4 windows x86 arch:x86

595105755c9012471721b60f28a7c8d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutPrepareHeader
waveOutOpen
waveOutWrite
joyGetPosEx
waveOutUnprepareHeader
waveOutClose
waveOutReset
joyGetNumDevs
joyGetDevCapsA
mciSendCommandA

wsock32

WSASetBlockingHook
htonl
ntohl
ntohs
bind
WSAUnhookBlockingHook
htons
WSACancelBlockingCall
inet_addr
ioctlsocket

kernel32

WriteConsoleA
DeleteFileA
VirtualProtect
GetVersionExA
SetEndOfFile
WriteFile
LCMapStringW
LCMapStringA
QueryPerformanceCounter
ReadConsoleInputA
GetNumberOfConsoleInputEvents
Sleep
GetStdHandle
AllocConsole
CreateEventA
GetCurrentDirectoryA
GlobalMemoryStatus
GetProcAddress
LoadLibraryA
GlobalUnlock
GlobalFree
GlobalLock
GlobalAlloc
HeapReAlloc
FreeConsole
CloseHandle
QueryPerformanceFrequency
CompareStringA
FindFirstFileA
FindClose
GetStringTypeA
SetStdHandle
GetCurrentProcessId
CreateFileA
GetFileAttributesA
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
GetStringTypeW
GetSystemDirectoryA
UnhandledExceptionFilter
GetFileType
GetModuleFileNameA
SetFilePointer
RaiseException
SetHandleCount
VirtualFree
HeapCreate
VirtualAlloc
RtlUnwind
ReadFile
HeapDestroy
HeapFree
GetCommandLineA
FlushFileBuffers
SetEnvironmentVariableA
GetModuleHandleA
CreateDirectoryA
GetLastError
CompareStringW
GetVersion
FreeEnvironmentStringsA
TerminateProcess
GetStartupInfoA
HeapAlloc
ExitProcess
GetCurrentProcess

user32

ClipCursor
SetCursorPos
ShowCursor
SetCapture
DefWindowProcA
BeginPaint
EndPaint
AdjustWindowRectEx
SystemParametersInfoA
PostMessageA
DestroyWindow
CreateWindowExA
SendMessageA
LoadIconA
EnumDisplaySettingsA
ChangeDisplaySettingsA
ReleaseDC
LoadCursorA
RegisterClassA
GetSystemMetrics
SetWindowPos
CreateDialogParamA
ShowWindow
UpdateWindow
SetForegroundWindow
MsgWaitForMultipleObjects
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
GetCursorPos
ReleaseCapture
GetDC
InvalidateRect
GetKeyState
SetActiveWindow
EnableWindow
LoadStringA
WaitMessage
SetCursor
GetClientRect
SetFocus

gdi32

PatBlt
CreatePalette
DeleteObject
UnrealizeObject
SelectPalette
RealizePalette
GetStockObject
SetSystemPaletteUse
GetSystemPaletteUse
GetDIBits
GetSystemPaletteEntries
CreateCompatibleBitmap
SetStretchBltMode
StretchBlt
BitBlt
DeleteDC
GetDeviceCaps
CreateCompatibleDC
SelectObject

Sections

.text
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

595105755c9012471721b60f28a7c8d3

Headers

File Characteristics

Imports

winmm

wsock32

kernel32

user32

gdi32

Sections

.text Size: 366KB - Virtual size: 365KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 80KB - Virtual size: 572KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 39KB - Virtual size: 39KB

.text
Size: 366KB - Virtual size: 365KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 80KB - Virtual size: 572KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 39KB - Virtual size: 39KB